Cryptography Reference
In-Depth Information
Listing 6-66:
“tls.c” with protection parameters sent to send_message
static int send_handshake_message( int connection,
int msg_type,
const unsigned char *message,
int message_len,
TLSParameters *parameters )
{
…
return send_message( connection, content_handshake, send_buffer,
send_buffer_size,
¶meters->active_send_parameters
);
…
static int send_alert_message( int connection,
int alert_code,
ProtectionParameters *parameters
)
{
…
return send_message( connection, content_alert, buffer, 2
, parameters
);
…
static int send_change_cipher_spec( int connection, TLSParameters *parameters )
{
…
send_message( connection, content_change_cipher_spec, send_buffer, 1,
¶meters->active_send_parameters
);
…
static int receive_tls_msg( int connection,
TLSParameters *parameters )
{
…
if ( ( status = send_alert_message( connection, illegal_parameter,
¶meters->active_send_parameters
) ) )
…
read_pos = parse_server_hello( read_pos, handshake.length, parameters
);
if ( read_pos == NULL ) /* error occurred */
{
send_alert_message( connection, illegal_parameter,
¶meters->active_send_parameters
);
…
read_pos = parse_finished( read_pos, handshake.length, parameters );
if ( read_pos == NULL )
{
send_alert_message( connection, illegal_parameter,
¶meters->active_send_parameters
);
Notice that the alert messages need to be updated, too. If an alert is sent after
a handshake has completed, the alert itself must be encrypted. Although this
won't come up during an initial handshake,
send_alert_message
must include
a
ProtectionParameters
value because
send_message
does.
Search WWH ::
Custom Search